Identities of Turkey coup plotters exposed by 'amateur' messaging app

Turkish intelligence cracked the encryption of the application earlier this year.

Turkish military stand guard near the the Taksim Square as people wave with Turkish flags in IstanbulMurad Sezer/ Reuters

Turkish intelligence has claimed it was able to identify thousands of people linked to last month's failed military coup against the Erdogan government by exploiting weak encryption on a little-known smartphone chat application called ByLock.

One senior military official, speaking to Reuters on condition of anonymity, said that data retrieved from the application helped to "map" the network of those plotting against the regime. "A large number of people identified via ByLock were directly involved in the coup attempt," the source claimed.

Turkish intelligence successfully cracked the encryption of the application earlier this year and, according to Reuters' contact, used it to "trace tens of thousands of members" of the Gülen religious movement – which the government has since blamed for orchestrating the July putsch.

While ByLock, which appears to have been first released on iOS and Android in 2014, is not thought to have been used to actively plot the coup, the official said it was used by many suspects that were involved. After being removed by the developers within the first year of operating, new versions appeared via third-party download websites, Reuters said.

Most of the cybersecurity experts contacted by the news agency had never even heard of ByLock until the coup attempt. Upon analysis, at least one firm said it was clearly the work of an amateur developer and that key information about users was left unencrypted.

A blog post published in November 2014 claimed that ByLock, at the time, had one million users. The author of the post said the application had suffered attacks and "malicious connection" from "Middle East" countries.

In any case, the Turkish official said that by May 2015, its intelligence agencies had identified "close to 40,000 undercover Gülenist operatives" which included 600 military personnel. Following the coup, this ByLock data was used to round up those involved.

While the app was reportedly used to identify the network of potential plotters, it is not believed to have played a part in how those responsible communicated during the coup itself. The official claimed that "Gülen network members" had long since abandoned the platform in favour of more secure options like Facebook's WhatsApp. As widely reported, even that platform was compromised evenutally.

As the dust settled after the attempted government overthrow, the army said over 8,000 military members took part in the coup action which claimed the lives of over 200 people. In the days and weeks after, tens of thousands of people including government officials, journalists, judges and law enforcement, fell victim to Erdogan's purge.